<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Is anyone following the openstack-security list and/or part of the<br>
OpenStack Security Group (OSSG)? This sounds like another group and list<br>
we should keep our eyes on.<br></blockquote><div><br></div><div>I'm one of the OSSG leads. We'd certainly welcome your involvement in OSSG. In fact, there has been much interest in OSSG about the Barbican project. And I believe that many people from the group are contributing to Barbican.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> In the below thread on the security list, Nathan Kinder is conducting a<br>
security audit of the various integrated OpenStack projects. He's<br>
answering questions such as what crypto libraries are being used in the<br>
projects, algorithms used, sensitive data, and potential improvements that<br>
can be made. Check the links out in the below thread.<br>
<br>
Though we're not yet integrated, it might be beneficial to put together<br>
our security audit page under Security/Icehouse/Barbican.<br></blockquote><div><br></div><div>This would be very helpful. If there's anything I can do to help facilitate this, just let me know.</div><div><br></div><div>
Cheers,</div><div>-bryan</div></div></div></div>